Sun announces the open-source Key Management Protocol
Sun recently announced that it will open source its key management technology. A unified communication protocol between the key manager and encryption devices is a major goal of Sun's recent Open Storage initiative, and Open Storage is also one of Sun's most promising fields. Sun said that partners could use this protocol to process keys securely without additional permission.
However, the timing of Sun's announcement was somewhat unusual, as EMC, HP, IBM, and four other vendors had announced the establishment of key encryption standards just a few days earlier. The lack of interoperability between key management systems has always been one of the biggest obstacles to the wide adoption of data encryption.
Sun spokesman Alex Plant said the announcement simply marked the first anniversary of Sun's release of its key management technology. "We need a year of experience before pushing it to the open-source field."
Plant also said: "In addition, the key management standard was also released for the first time. We don't know much about this message, that is, we just heard of the KMIP standard this week."
Plant said Sun's technology "has been on the market for a year and covers many products of EMC, HP, and RSA. We hope to extend the key management technology ecosystem through open source. This is good news for users, because now they can easily and spend too much money managing encryption keys."
Jon Oltsik, security analyst at Enterprise Strategy Group, said: "In my opinion, Sun is looking for partners to use standard Java interfaces in the short term. This does not affect the implementation of KMIP, because KMIP is based on the network service interface. I believe this initiative will have good results."
"Sun has been brewing this standard for a year, and there are similar plans for EMC, HP, RSA, and IBM," Plant said. Now that the Sun protocol is open source, KMIP "will not take effect until the end of the OASIS committee's work, and it will be monitored by OASIS standards."
Plant said that the Sun protocol has now been submitted to the IEEE 1619 Security in Storage Working Group to promote the formulation of the P1619.3 Standard.
Plant said that KMIP "uses a low-level binary protocol for communication, rather than the more advanced XML solution recently used by OASIS and IEEE 1619.3. Due to its richness and ease of use, XML has become a standard for Web applications. The introduction of a non-standard binary protocol can be said to be a regression."
"There are two completely different opinions on how best to provide an interoperability standard," Plant said. "One viewpoint advocates the establishment of a unified standard covering all types of encryption devices, while the other advocates the extension of verified or accepted protocols. The risk of the previous view is that it is somewhat advanced. Both views aim to solve the current needs of users."
"Defining the KMIP using tag/length/value as a low-level protocol does not exclude higher-level XML expressions," said Robert Groffin, director of solution design in EMC's RSA Security Department. "We believe it is necessary to express this standard protocol at this basic level to achieve interoperability in all environments that require security. However, we also look forward to cooperating with Sun and other vendors to create a higher-level protocol expression."
Sun said that users who are currently using Sun StorageTek KMS 2.0 Key Manager, T9840D, t0000a, t0000b Enterprise Drive, and Sun StorageTek HP LTO-4 drives can use this protocol. Sun said: "Many partners, including EMC, are developing products based on this protocol, and EMC's RSA Security Department has already said it will be used as an option in its RKM Key Manager." Sun also said that the announcement of the open-source protocol is an important step towards unified key management technology.
Sun said that it would "use this agreement as an industry standard for further development and finalization" with industry partners and standards organizations such as IEEE 1619.3 and OASIS. At present, IBM's drive department is studying support for this protocol for IBM drives shipped in Sun Tape Library products. Sun said it has shared this protocol with other partners, such as computer OEMs, backup application providers, disk arrays, and switch manufacturers.